Security news aggregator

Latest coverage for Theft

Theft in cybersecurity covers stolen data, credentials, devices, and funds, often creating risks of unauthorized access, fraud, and privacy loss.

27 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Unauthorized taking or copying of information, credentials, intellectual property, or digital assets is cyber theft. News under this tag may involve stolen passwords, payment data, personal information, source code, cloud tokens, cryptocurrency, or sensitive business files. Theft can result from phishing, malware, compromised accounts, insider access, exposed storage, or the loss of an unencrypted device; the relevant issue is the unauthorized acquisition or control of an asset, whether or not the attacker also alters systems.

Security teams should identify where valuable data and credentials are stored, restrict access by role, require strong authentication, encrypt data at rest and in transit, and monitor unusual downloads or transfers. Vulnerability management matters when flaws expose databases, endpoints, or cloud services to unauthorized retrieval. After suspected theft, preserving logs, revoking tokens and credentials, determining what was accessed or copied, and assessing privacy or notification obligations are central to containing the incident and measuring its impact.

Showing 20 most recent headlines of 27 Filtered view

Concerns Grow Over F5 Hacking Amid Stalled Government ShutdownFederal officials are scrambling to contain nation-state hackers exploiting stolen source code from networking devices and software maker F5 amid staffing pressures created by the ongoing government shutdown. Stolen files reportedly include undisclosed vulnerabilities F5 had been researching.

Breach Notification Service Details Peer-to-Peer Lending Marketplace Victim CountHackers appear to have stolen personal information pertaining to more than 17 million individuals from peer-to-peer lending marketplace Prosper, including Social Security numbers, contact information and some income and financial details, says the Have I Been Pwned breach notification service.

2022 Ransomware Attack, Data Theft Affected 3.4 Million PatientsA California-based network of nine affiliated physician practices will pay nearly $50 million to settle consolidated class action litigation involving a 2022 ransomware and data theft attack that affected more than 3.4 million patients. Plaintiffs claimed their data was leaked on the darkweb.

A threat actor with ties to the Democratic People's Republic of Korea (aka North Korea) has been observed leveraging the EtherHiding technique to distribute malware and enable cryptocurrency theft, marking the first time a state-sponsored hacking group has embraced the method

Bank Info Security 9 months ago

Static Credentials Expose MCP Servers to Risk

Study Finds Weak Authentication Practices Across AI Agent ServersTools developers use to connect artificial intelligence tools with external applications and data sources typically are secured by static credentials such as API keys and personal access tokens, exposing AI agent systems to theft or misuse, research shows.

Cybercriminals Demanded Ransom Payments Directly From Some Affected PatientsAn Oklahoma health system will pay $30 million to settle class action litigation involving a 2023 data theft hack that affected 2.4 million people. Some of the patients - including minors - have received blackmail demands directly from cybercriminals threatening to sell their data on the darkweb.

Medusa Group Tied to Attack on SimonMed and Threats to Leak Stolen DataTwo radiology practices are notifying nearly 1.5 million people of separate hacking incidents compromising their sensitive health information. Cybercrime gang Medusa claimed credit for attacking Arizona-based SimonMed Imaging in January and threatened to leak the stolen data of nearly 1.3 million patients on the darkweb.

Loading more headlines...